Macro-Based Malware: Old Scams Still Work

As new technology emerges and users become more aware of cybersecurity threats, hackers and scammers have to work even harder to keep up. This leads to the unleashing of never-before-seen viruses and malware while employing new methods of attacking networks. Once the new tactics are in place, criminals can steal data by exploiting what users don’t know.

Unfortunately, just because new methods of attack have appeared doesn’t mean the old ways no longer apply. One of the oldest types of email attacks involved macro-based malware infections that arrived in the form of word processor documents, like those created in Microsoft Word.

Some time ago, tech users were warned never to open an attachment from a source if they weren’t expecting it. Then, when email hacking became more prevalent, users were even warned about the dangers of clicking on an attachment if they did recognize the sender.

Sound familiar? It’s the same advice that experts still give today, only now the warning involves never clicking on a link in a message.

Macro-based attacks fell by the wayside somewhat as the ability to direct recipients to a web link took over, and as people became aware of the attachment threat. Unfortunately, these kinds of attacks haven’t been eradicated just because they fell out of use. In fact, as a new generation of tech users has entered the workforce and more advanced technology has become mainstream, this method of cyberattack is once again gaining new ground.

Some of the hardest hit victims may be businesses, due to the dual threat of email spoofing and boss phishing. Spoofing, or creating an email account that looks like a known account, means a hacker can send an email that looks like it comes from an authorized email address, directing the recipient to open the attachment. The email—with the virus or malware attached—may inform the recipient that the attachment is a past due invoice, a contract they’ve been expecting, or some other plausible business-related document. In the case of boss phishing, in which the hacker has gained access to a “higher up’s” email address and uses it to make malicious requests of someone within the company, a hacker can easily convince a company employee that the attachment contains a document to be proofread, a paper that needs to be printed out and posted in the employee breakroom, or another likely file.

In order to protect yourself both at home and at work, you have to be aware of the threat. Tech users have been warned not to click on unexpected links or download content from unknown websites, but they have to be just as aware of opening files that are attached to messages and emails.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.